Dr. Alexander Vögele and William Bader, KPMG Frankfurt
The following is an abridged version of an article published in Tax Planning International Transfer Pricing, vol. 2 no. 9 September 2001, pp. 3 ff.
For editorial cut-off date, disclaimer, and notice of copyright see end of this article.
Articles in the press and in professional journals have alerted the German business community to the threat posed by the entry into force of a series of 'electronic audit' provisions enacted as part of Germany's landmark 2000 Tax Reduction Act (§ 146 (5), § 147 (2) (5) (6), and § 200 (1) AO = Abgabenordnung or Tax Procedure Act). These provisions took effect on 1 January 2002 and grant Germany's tax auditors access rights to taxpayer computer systems that are broad enough to cause some authors to doubt the legislation's constitutionality. The primary application of the new electronic audit provisions is expected to be in the areas of VAT fraud and transfer pricing.
Taxpayers would be ill-advised to ignore the new legislation in the hope that it will ultimately be declared unconstitutional, however. Attention should instead be focused on the manner in which the new statutes will probably be applied. Initial indications as to the intentions of the tax authorities were contained in proposed implementing regulations issued in October 2000 (hereinafter "the proposed regulations"). These so alarmed taxpayers and tax professionals that the German Liberal Party took up their cause vis-à-vis the governing coalition of Social Democrats and Greens. The business community also voiced its concerns.
Final implementing regulations were issued somewhat abruptly in July 2001 (hereinafter "the final regulations" – DB 2001, 1589). These regulations urge taxpayers to redesign their computer systems to limit the scope of 'electronic audits,' but do so in vague terms and by no means commit the tax authorities to observe the limits taxpayers set. The new regulations thus leave taxpayers in the dark, and with the ball in their court.
This article deals only with the electronic audit provisions of the new regulations, which also contain provisions on electronic invoices for VAT purposes and on certain other documents transmitted electronically between taxpayers.
The tax authorities already possessed access to electronically stored data under prior law, which required taxpayers to convert electronic or microfilm data to readable form on demand. The innovations made by the new statutes lie in two other areas:
- The tax authorities receive the right to analyse electronic data by electronic means.
- The amount of data which the taxpayer is required to store electronically and hold ready for electronic analysis is increased drastically.
The net effect of these two changes is to enhance tax authority access to the taxpayer's electronically stored data as a practical matter. The rights created by the new laws apply only in the tax audit context. They do not extend the nominal audit scope.
Under § 147 (6) AO, Germany's tax auditors receive three distinct types of access to taxpayer electronic data for analysis purposes:
- Direct on-site read-only access to the taxpayer's computer systems, by which the tax auditors are entitled to operate the taxpayer's hardware and software to search and analyse electronically stored data.
- Direct off-site access to the same data, by which the tax auditors may require the taxpayer to hand over blocks of data stored on electronic media for analysis by the auditors at their leisure using their own hardware and software.
- Assisted on-site access, by which the tax auditors may have the taxpayer screen, sort, and analyse electronic data in accordance with their specifications.
The different access rights may be exercised individually or cumulatively. The taxpayer is required to assist the tax authorities in the exercise of their data access rights (new § 200 AO) and bears the related costs (new § 147 (5) and (6) sent. 3 AO).
The final regulations were revised to make clear that the tax authorities are not permitted to use their own software in the context of direct on-site access. Furthermore, on-line access to taxpayer data systems from a remote location outside the taxpayer's premises is likewise prohibited.
Electronic data analysis is impossible where data is not stored in electronic form. In order to guarantee electronic analysis, the new legislation expands the scope of electronic data storage.
The documents which a taxpayer is required to retain under German tax law are specified by § 147 (1) AO, which reads as follows:
(1) The following documents must be retained in a systematic manner:
1. books and records, inventory lists, year-end financial statements, management reports, [and] the opening balance sheet, together with the job instructions and other organisational documents necessary to their comprehension;
2. commercial and business letters received
3. reproductions of commercial and business letters sent
4. bookkeeping vouchers
5. other documents, to the extent having tax significance.
The documents specified in § 147 (1) nos. 1 and 4 AO must be retained for ten years. A six year retention period applies to the other documents under § 147 (3) AO.
Previously, the taxpayer had wide discretion as to the manner in which documents were retained. Retention of microfilm copies was sufficient in all cases. No data needed to be stored in electronic form, not even data which, prior to archiving, had existed only in digital form.
While it is clear that the new law for the first time requires certain documents to be stored in an electronic form that is susceptible of electronic analysis (hereinafter "electronic storage" for short), the authors of this article confess that they can not entirely explain the limits of the new requirement based on either the relevant statutes or the final regulations. The following summary therefore represents an educated guess:
- Electronic storage is required by sec. III.I of the final regulations for all documents within the meaning of § 146 (5) AO that originate in digital form. According to the regulations, documents originate in digital form where they consist of data that either enters the data processing system in electronic form or is generated in the data processing system. The final regulations state that storage of such documents only on microfilm or only as PDF files is insufficient. § 146 (5) AO relates to books and records, hence to the core bookkeeping documents.
- Electronic storage is required by § 147 (2) sentence 2 AO for all documents covered by § 147 (1) AO that the taxpayer elects to store "as reproductions on a pictorial storage medium or on other data storage media". According to the statute, it makes no difference whether the documents in question originated in digital form or were created with the aid of a data processing system.
- The second paragraph in sec. III.I of the final regulations makes explicit reference to § 147 (2) sentence 2 AO and states that electronic storage is not required "where a document, while created by computer-assisted means, is not suitable for processing in a computerised bookkeeping system (e.g. text documents)." This statement appears to limit substantially the scope of § 147 (2) sentence 2 AO.
- Finally, an argument can be made, though the regulations fail to do so, that electronic storage is required for all documents listed in § 147 (1) AO that have been created with the aid of a data processing system.
Most companies will find that a considerable body of information previously stored on computer output microfilm or the like must now be stored on electronic media that permit later electronic analysis by the tax authorities.
§ 147 (6) AO may be read as granting the tax authorities the right to use electronic means to analyse documents subject to retention under § 147 (1) AO that have been created using computer systems and are stored in electronic form pursuant to the provisions discussed in sec. 2.3 above (narrow reading). The statutory authorisation to use the taxpayer's data processing systems "for purposes of auditing these documents" may also be construed, however, as permitting discovery of other documents in the taxpayer's computer systems that possess tax relevance in that they confirm or refute the accuracy of information contained in computer-generated documents within the meaning of § 147 (1) AO without themselves constituting such documents (broad reading).
The final regulations do not explicitly address this issue. They state in sec. I.1 that the right of data access "is limited exclusively to data that is relevant for tax purposes (tax relevant data)." They do not state that data access is limited to documents within the meaning of § 147 (1) AO. On the other hand, as explained in sec. 3.3 below, the final regulations require the taxpayer to classify the data stored in its computer systems "in accordance with its recordkeeping and document retention obligations." Such obligations only exist with respect to documents covered by § 147 (1) AO. Hence, the tax authorities may be assumed to have adopted the narrow reading of § 146 (6) AO.
Under the narrow reading of § 146 (6) AO, the scope of the tax authorities' electronic data access is determined by § 147 (1) AO. Of the five types of documents covered by this statute, one readily notes that the fifth ("other documents, to the extent having tax significance") appears to represent an all-encompassing catch-all category. The retention period for documents in this category is at least six years.
The scope of § 147 (1) no. 5 AO is debatable. While some authors adopt a restrictive approach and limit this category to documents related to the bookkeeping system not otherwise covered by the statute, other commentators take a broader view.
The authors of this article believe that the category of "other documents ... having tax significance" can only be defined in the context of specific tax issues. In the transfer pricing context, it is obvious that a wide range of documents may have tax significance.
The extent to which documents having relevance for transfer pricing purposes are subject to retention under § 147 (1) no. 5 AO is unclear. The answer may depend on whether the tax relevance of particular documents was clearly foreseeable by the taxpayer. In this context it is interesting to note that the tax authorities are currently preparing regulations defining the taxpayer's compliance obligations in the transfer pricing context (see KPMG German News no. 1/2002 p. 2 = article no. 239). In these regulations, the tax authorities are expected to identify certain documents frequently created by taxpayers for business purposes, such as cost calculation and cost accounting documents, that generally possess transfer pricing relevance. As long as the list of documents contained in the transfer pricing compliance regulations is reasonable, it may help define the scope of § 147 (1) no. 5 AO in the transfer pricing context.
The "guidance" provided to the taxpayer by the final regulations resembles that which the Delphic oracle used to provide to those who beseeched her. Taxpayers are told that the tax authorities will expect full access to the financial accounting system, the fixed asset accounting system, and the payroll accounting system. Furthermore, "to the extent tax relevant data is also located in other areas of the data processing system, the taxpayer shall classify such data in accordance with its recordkeeping and document retention obligations and make it available for [electronic] data access by suitable means."
The final regulations add: "Where data has been improperly classified, the tax authorities may in their reasonable discretion require the taxpayer to permit subsequent [electronic] data access to such tax relevant data."
The final regulations offer no guidance as to how the taxpayer should distinguish between tax relevant and tax irrelevant data on its computer and data storage systems. However, the final regulations contrast with the proposed regulations in two positive respects from the taxpayer's perspective:
- They openly invite the taxpayer to draw a distinction between data with and without tax relevance and to deny the tax authorities access to the data which lacks tax relevance (in the taxpayer's opinion).
- They name only three areas (financial, fixed asset, and payroll accounting) to which the tax authorities claim unrestricted access. The proposed regulations also raised such claims with respect to cost and performance accounting, goods and materials management systems, document management systems, and other archiving systems.
On the other hand, the tax authorities have not relinquished their access to all areas but financial, fixed asset, and payroll accounting. Instead, they have delegated to the taxpayer the task of arranging access for them to all tax relevant documents outside of these three core areas. It is up to the taxpayer to ensure that the tax authorities do not accidentally access sensitive data that lacks tax relevance. Should the taxpayer exclude the tax authorities from tax relevant information, the tax authorities reserve the right to require that they be given access to the area in question.
The final regulations thus leave the taxpayer in the dark in two important respects:
- As to the criteria they should apply in classifying tax relevant data and
- As to the whether the tax authorities intend to accept their classification or not.
The statutory provision governing entry into force of the new electronic rules states that they are applicable from 1 January 2002 onwards (§ 19b EGAO).
The final regulations interpret this to mean that the tax auditors' rights of access to taxpayer computer systems apply to audits beginning from 1 January 2002 onwards. Since audits relate to fiscal years expired and generally do not cover the last year or two immediately prior to the audit, this means that the tax authorities may exercise their electronic audit rights for the purposes of auditing assessment periods from roughly 1995 onwards. Companies need to determine the years covered by their last audit beginning prior to 1 January 2002. All subsequent years will be subject to 'electronic audit'.
Since electronic audits are only possible with respect to electronic data (data stored in a form that permits electronic analysis), the entry into force of the extended requirements for electronic data storage (discussed in sec. 2.3 above) is of greater importance than the mere existence of the electronic audit rights themselves.
The relevant provisions of the final regulations state that taxpayers must store data archived after 31 December 2001 in a manner that permits it to be subjected to subsequent computer analysis in the context of a later audit (Reg. sec. I.3(b)). Note that this archiving rule depends on the date of archiving, not the period to which the archived data relates or the date of creation of the data. The regulations thus extend the electronic storage requirements of laws that take effect in 2002 to data created prior to 2002. Since the form in which data is originally generated can have an impact on the manner in which it is later archived, the rule could lead to an unreasonable burden on taxpayers in certain circumstances and might be challenged accordingly.
The general rule with regard to data archived prior to 1 January 2002 should be that it is not covered by the new electronic storage requirements. The regulations introduce some confusion on this issue by stating that taxpayers need not feed data archived by the end of 2001 back into their computer systems (need not "reactivate" such data) "where this would involve unreasonable expense for the taxpayer" (Reg. sec. I.3(a)).
Where data has not been stored in electronic form, or in an electronic form such as PDF files that cannot be processed by computer systems, it cannot be "reactivated" no matter how great the effort. Hence, the cited passage in the regulations should be construed as applying only to data which was archived in an electronic form that is "re-activatable" without changing the form of the data (e.g. without converting microfilm manually into a computer file). Whether documents were properly archived depends on the law in effect at the time of archiving. The new archiving requirements (requirements for electronic storage – see sec. 2.3 above) apply only to data archived from 2002 onwards.
A distinction must be drawn between electronic data access rights, which from 2002 on may be used to audit years prior to 2002, and data storage obligations, which are fixed by the law in force at the time of data storage. Where data archived prior to 2002 is not in an electronically analysable form, no electronic analysis of such data by the tax authorities is possible. No weighing of interests is needed to determine whether the taxpayer would be unreasonably burdened if it converted the data to another form.
Finally, sec. III.3 of the final regulations states that taxpayers with fiscal years that differ from the calendar year (non-calendar-year taxpayers) need only adhere to the new electronic storage requirements from the start of their first fiscal year to begin in 2002 if they can demonstrate that archiving on computer analysable media from 1 January 2002 onwards was precluded "for technical reasons". It is unclear what "technical reasons" might justify delayed compliance with the electronic storage rules by non-calendar-year taxpayers. Probably, the required level of difficulty is not too high.
Tax auditor access to taxpayer computer systems poses multiple dilemmas:
- The electronic audit provisions change the nature of the German tax audit. Whereas before all documents were provided by the taxpayer to the tax auditors at their request, the tax auditors will in the future have the ability to search actively for relevant documents. The taxpayer thus loses a substantial measure of control over the information available to the tax auditors.
- In the transfer pricing context, virtually all economic and management data relating to the company under audit possesses "tax relevance" when assessing the relative value of functions performed, risks assumed, and benefits exchanged with related parties. A non-exclusive list of sensitive data which may be highly tax-relevant includes secret business strategy, confidential market analysis and sales forecasts, commercial and technical secrets, R&D reports on the utility of patents, the performance and remuneration of key employees, and parallel accounting systems existing alongside the financial accounts in which expenses and revenues are allocated with regard to different principles.
- In the process of combing through the taxpayer's computer systems, the tax auditors may "accidentally" discover documents outside the nominal scope of the tax audit, such as confidential discussion memoranda. Even if systematic search for such documents would not have been allowed, they are admissible in court unless their discovery was due to intentional search of a non-tax domain by the tax authorities.
The regulations are unclear on this point, but seem to say that the tax authorities must receive electronic access to relevant data located on third party data systems where there are links or interfaces between the third party system and the taxpayer's systems. The issue is of particular relevance as concerns interfaces with the computer systems of related parties.
As amended, § 200 (1) AO requires the taxpayer to assist the tax authorities in the exercise of their electronic audit rights. The regulations elaborate on this point:
- In order to provide direct on-site access, the taxpayer must hold ready the software and hardware needed to read and to some extent process stored data. Given the rapid technological progress in the IT area, fulfilling this requirement over a period of up to ten years can be quite burdensome.
- The taxpayer must also provide an explanation of the data processing systems so as to enable the tax authorities to operate them. This requires keeping personnel on hand that understand what may in some cases be quite old systems. Where the tax authorities request the taxpayer to analyse data according to their specifications, the taxpayer's personnel must carry out the operations (assisted on-site access).
- The taxpayer must explain the file structure, data fields, and internal and external system links or interfaces. While these provisions would appear relevant to direct on-site access as well, they are found in a section dealing with direct off-site access situations in which the tax authorities receive blocks of data on portable media for analysis at their own offices. See also sec. 6.1 above.
- Where the taxpayer is not required to reactivate data archived prior to 1 January 2002 (see sec. 4 above), it need not hold the personnel, software, and hardware in readiness that would be necessary to process this data were it to be reactivated.
6.3 Constitutional issues
Various constitutional objections may be raised against the new electronic audit provisions. All rest on the basic concept that the means chosen by government must be commensurate with – proportional to – the ends. Serious intrusions are not justified by marginal benefits, particularly where less intrusive means are available.
- Storage of large bodies of data in electronically analysable form for up to ten years may constitute an unreasonable burden considering the rapidity of technological progress and the need to hold outdated hard- and software in readiness along with personnel able to operate superannuated systems. It may also be unfeasible to retain data in electronic form for up to ten years. Conventional hard drives become unreliable after only three years.
- Tax audit access to all tax-relevant data will entail access to sensitive commercial and technological secrets. The threat posed to taxpayers by accidental disclosure of such information may outweigh the marginal benefits in the form of more equitable tax collection.
- Electronic data access as desired by the tax authorities potentially involves tax authority access to large bodies of data without tax relevance. It is arguably the responsibility of the tax authorities to define reasonable limits to the scope of their access rights, instead of imposing this burden on the taxpayer.
It would, however, be rash to disregard the new electronic audit provisions on the assumption that they will ultimately be declared unconstitutional.
Christoph Kromer points out in a German language article (DB 2001, 67) that, while the United States Internal Revenue Service enjoys access to taxpayer computer systems, the IRS has in the past unilaterally renounced the right to examine taxpayer management accounts (accounts parallel to the financial accounting system allocating revenue and expenses in accordance with different criteria). Obviously, management accounts are of great transfer pricing tax relevance where they indicate that the allocation of income for commercial accounting and tax purposes is not in agreement with economic reality. It remains to be seen whether the German tax authorities will demand access to management accounts.
Since the chances appear small under German law to prevent the tax authorities from using relevant information in tax litigation once such information has fallen into their hands, taxpayers are well advised to structure their IT systems so that they can closely control the information to which the tax authorities receive access. In the event of a dispute over access to particular data, it is important for taxpayers to be in a position to deny the tax authorities access to the data as a practical matter, thus obliging them to seek such access and hopefully opening the door to judicial review.
Close consideration of the relevant procedural law is indicated. A mere request by the tax authorities for access to certain data may not constitute an administrative act as to which taxpayers can obtain judicial review. On the other hand, judicial review can definitely be obtained in the event of an attempt by the tax authorities to compel access to such information under § 328 ff. AO. Where a dispute arises regarding access to certain data, the proper approach by the courts would be to weigh the burden to the taxpayer (including possible disclosure of confidential information) against the probable benefit to the tax authorities.
If denied electronic access to information to which they consider themselves entitled, the tax authorities may also treat the denial as a violation by the taxpayer of its duties of cooperation (compliance obligations) under §§ 90 ff. AO. Such violations in themselves have no consequences if not criminal in nature. However, violations of compliance obligations are relevant in the context of the procedure under § 162 AO, by which the tax authorities may estimate facts they are unable to ascertain with certainty. A discussion of the procedural implications is beyond the scope of this article. Suffice it to say that serious compliance violations can place taxpayers at a significant disadvantage where little objective evidence of other sorts is obtainable on the matters at issue.
In the future, the tax authorities will be able to track all year-end closing entries to the accounts (including reclassifications) and demand explanations from the taxpayer. The experience in countries such as Canada with this simple technique has been positive from the perspective of the public treasury. The German tax authorities are incidentally thought to be planning to send their personnel to electronic audit training courses taught by Canadian tax officials.
The tax authorities have long sought electronic audit rights along the lines of those now enacted. In connection with German implementation of EU Directive 1999/93 requiring VAT recognition of electronic invoices, the tax authorities convinced the government that they needed new electronic audit rights to prevent VAT abuses from 2002 onwards.
The German tax authorities also believe they need electronic audit capabilities for transfer pricing reasons. In their view, the 2000 Tax Reform Act has brought matters to a head by revising German corporation tax law so as to eliminate a structural bias in favour of German-source income.
Under prior corporate tax law, it was tax efficient for German corporations to pay dividends to German resident individuals out of domestic-source earnings because of the full credit allowed for German corporation tax paid on the dividend. This – at least in the mind of the tax authorities – provided an important tax disincentive to shifting income abroad by means of manipulative transfer prices.
Under the new corporation tax law, which takes full effect in 2002, the situation is reversed because of the elimination of the corporation tax credit. The electronic audit provisions legislated in 2000 are therefore in part a response to the increased incentive to shift income abroad from 2002 onwards.
Taxpayers must take action to address the two greatest dangers posed by electronic audits:
- Disclosure of sensitive information because the taxpayer was unaware of its presence in an area which it expected the tax authorities to analyse.
- Accidental access by the tax authorities to areas they were not expected to analyse because the access rights granted to them were overly broad.
The first problem can be addressed by evaluating, prior to audit begin, the areas that will be opened to the tax authorities. The second problem can be addressed by compartmentalising the data processing system (devising restrictive access rights, erecting "firewalls"). In neither case is the solution easy. The effort involved in compartmentalising corporate data processing systems to prepare for the dawn of electronic audits has been compared with that to convert taxpayer accounting systems to the Euro. The time available to prepare for the Euro was considerably greater, however.
The final regulations require unrestricted access by the tax authorities only to the financial, fixed asset, and payroll accounting systems. These concepts need to be defined from a technical perspective and corresponding access rights devised.
A far greater task lies in the segregation of the information on the rest of the data processing system into a "tax-relevant" area and a "tax-irrelevant" area. The approach taken by certain computer consulting firms is to copy information from the computer systems into archives specifically intended for the tax authorities and to grant them access only to such archives. This presents the great advantage of avoiding direct access by the tax authorities to "mainstream" data processing areas.
In addition to decisions as to which information has tax relevance, legal decisions must be made as to the scope of the statutes involved – whether access need be granted only to documents within the meaning of § 147 (1) AO, as seems likely, and, if so, whether these documents are narrow in scope (only documents related to the bookkeeping system) or broad. Resolution of these issues is also necessary to plan data archiving from 2002 onwards.
The electronic audit provisions – and electronic data storage provisions – that took effect in Germany in January 2002 confront taxpayers with a challenge they cannot afford not to take up. The implementing regulations issued by the tax authorities in July 2001 place the responsibility for denying them electronic access to confidential non-tax data squarely on the taxpayer's shoulders. While this is a burden, it is also an opportunity. If the tax authorities themselves knew how to appropriately define the limits of their new electronic access rights, they would have done so in the implementing regulations. They have instead decided to pass the buck to the taxpayer and see what happens. Taxpayers should take advantage of their ability to structure the terms of tax authority electronic data access, at least in its initial stages.
The tax authorities need time to experiment with their new audit tool. In the long run, their access to taxpayer IT systems will give them greater insight into the parameters that are relevant for the determination of transfer prices.
Editorial cut-off date: 20 March 2002
Disclaimer and notice of copyright
This article treats the subjects covered in condensed form. It is intended to provide a general guide to the subject matter and should not be relied on as a basis for business decisions. Specialist advice must be sought with respect to your individual circumstances. KPMG Germany in particular insists that the tax law and other sources on which the article is based be consulted in the original, whether or not such sources are named in the article. Please note that the article is current only through its editorial cut-off date shown immediately above (not to be confused with the later date as of which the article was placed online – the date appearing at the article's outset). Related developments subsequent to the editorial cut-off are not necessarily reported on in later articles. Please note as well that later versions of this article or other articles on related topics may have since appeared on this database or elsewhere and should also be searched for and consulted. While KPMG Germany's articles are carefully reviewed, it can accept no responsibility in the event of any inaccuracy or omission. Any claims nevertheless raised against KPMG Germany on the basis of this article are subject to German substantive law and, to the extent permissible thereunder, to the exclusive jurisdiction of the courts in Frankfurt am Main, Germany. This article is the intellectual property of KPMG Germany (KPMG Deutsche Treuhand-Gesellschaft AG). No use of or quotation from the article is permitted without full attribution to KPMG Germany and the article's stated author(s), if any. Distribution to third persons is prohibited without the express written consent of KPMG Germany in advance.